By Jared Serbu
Reporter
Federal News Radio
Tampa, Fla. — The Army is about to give the green light for the first tablet computer to be permitted to operate on its networks, an approval that officials said they hoped would be issued within days.
The service has been conducting numerous pilots in an attempt to get a new generation of mobile devices into the hands of soldiers and to do it securely. The first fruits of those efforts could come “within the week,” said Lt. Gen. Susan Lawrence, the Army’s chief information officer.
“It’s an iPad-like device that you swipe your [common access card] through, and we would now have the ability to log on to the network and sign and encrypt data,” Lawrence said. “If that’s the case, we’re going to put it on the shelves very quickly for our units to procure.”
Lawrence said she did not want to identify the precise device ahead of its approval, though another Army IT official said the service expects to approve a tablet made by Fujitsu in the coming days.
Though it is arguably “iPad-like,” the device is not an Apple product, nor an Android or BlackBerry tablet. It runs a touchscreen-adapted implementation of the Windows 7 operating system, which is one reason the tablet is first out of the gate. The Army would be able to reuse many of the same security protocols it already implements for its desktop computers.
Additionally, the device has a built-in smart card reader that could authenticate users via their common access cards — known as CACs. Pilot programs DoD has been conducting for the iPad rely on an external card reader. Under DoD policy, any device that can’t use a CAC card to digitally sign and encrypt email is a non-starter.
In a roundtable discussion with reporters at the Army’s LandWarNet conference in Tampa, Fla. Wednesday, Lt. Gen. Rhett Hernandez, commander of the Army’s cyber command, said it’s important to make sure devices can be secured before they’re allowed on the network.
“It wasn’t too many months ago that I was on the end of, ‘Why can’t we have this?’ Now, from a vulnerability standpoint, I’m at the end that says, ‘Let’s make sure we bring them on at the rate that allows us to make sure we maintain a trusted and secure environment,'” he said.
Lawrence said the Army’s challenge will be to balance securing information with allowing it to flow where it needs to among the millions of sensors and mobile devices the service expects to see on its network within the next few years.
And Lt. Col. Matthew Dossman, who works with emerging technologies in the Army’s cyber directorate and is part of a working group the Army created to oversee its mobile device pilot programs, said it’s time to rethink the mobile-device security policies the Army has in place right now.
The policies apply to BlackBerrys, the only devices that are currently authorized. Dossman said in many cases, they’re simply overkill.
“We lock in down to the extreme. We take every policy setting and turn it to 11,” he said. “We have to rethink that. We’re going to have use cases from individuals in public areas on personal devices, all the way to government employees doing Army work on Army devices coming through an Army node. We can cover all those use cases.”
The key, he said, is mobile device management software that would allow the Army to control what a user can and can’t do based on his or her role in an organization, location, and other factors.
For instance, in the case of senior officers in sensitive positions, the Army would want to disable social media services that track a user’s location, while the same apps might be allowed for other users.
Also, while cameras are disabled in most of today’s Army BlackBerrys, Dossman said it makes sense to turn them back on for certain users and for certain applications, such as barcode scanning.
“There’s a couple of units that have gone hog wild and barcoded entire arms rooms,” he said. “It turns out they can do a 100 percent inventory in hours, when it used to take days. They’re done in time for lunch. The savings on that are huge, and we have to enable those efficiencies. If that means turning on the camera, yeah. Let’s do that.”
The current document DoD adheres to for BlackBerry security, known as a security technical implementation guide, or STIG, includes more than 500 security controls. Some are mandatory, though some are optional. The Army is taking a second look at those controls, and Dossman said reviewers found that in many cases the optional security lockdowns are turned on, whether they’re necessary or not.
“We also found there’s no consistency across the Army, and worse, commanders don’t understand. They don’t know that they could be getting more functionality out of the phones,” he said. “We’ve come up with a lot of potential efficiencies there.”
Dossman said the military is working as quickly as it can to get additional mobile devices approved on the network. The Pentagon is currently reviewing for final approval a STIG for iPhones and iPads; a draft version for the Android operating system is in the works.
RELATED STORIES:
Army presses ahead on secure smartphones
DoD ready to Go Mobile on iPhone, Android
This story is part of Federal News Radio’s daily DoD Report. For more defense news, click here.
(Copyright 2011 by FederalNewsRadio. All Rights Reserved.)
Copyright
© 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.